You must have assumed a role that includes the User Security profile or have switched to superuser. You cannot be in the role whose password you want to change. A role cannot change its own password.
Use one of the following methods to change a role's password.
As superuser or in a role that includes the User Security rights profile, run the passwd command.
$ passwd -r naming-service target-rolename |
Applies the password change to one of the following repositories files, nis, nisplus, or ldap. If a repository is not specified, the password is changed in files.
Is the name of an existing role that you want to modify.
For more command options, see the passwd(1) man page.
Change the password in the Solaris Management Console.
To start the console, see How to Assume a Role in the Solaris Management Console.
Log in to the console as superuser or in a role that includes the User Security rights profile.
The login role cannot be the target role.
Choose the appropriate scope.
The Files scope modifies the role password on the local system. The LDAP scope modifies the role password in the LDAP naming service.
Navigate to Administrative Roles and follow the instructions in the left-hand pane.
For more extensive information, see the online help.
As superuser or in a role that includes the User Security rights profile, run the smrole command with the modify subcommand.
This command runs as a client of the Solaris Management Console server.
$ /usr/sadm/bin/smrole -D domain-name -r admin-role -l <Type admin-role password> \ modify -- -n target-rolename -P password |
Is the name of the domain that you want to manage.
Is the name of the administrative role that can modify the target role. The administrative role must have the solaris.admin.usermgr.pswd authorization. The administrative role and the target role cannot be the same role.
Is the prompt for the password of admin-role.
Is the required separator between authentication options and subcommand options.
Is the name of the target role.
Is the new password for target-rolename.
For the full list of command options, see the smrole(1M) man page.
In this example, superuser changes the password of the local operadm role.
# passwd -r files operadm New password: Type new password Re-enter new password: Retype new password |
In this example, the Primary Administrator role changes the password of the operadm role in the LDAP directory service.
$ passwd -r ldap operadm New password: Type new password Re-enter new password: Retype new password |
In this example, the administrator contacts the Solaris Management Console server to change the operadm password in the NIS domain. When the administrator does not provide the password before pressing the Return key, the New Password: prompt appears.
$ /usr/sadm/bin/smrole -D nis:/examplehost/example.domain \ -r primaryadm -l <Type primaryadm password> \ modify -- -n operadm -P Press the Return key New Password: a!2@3#4$5%6*7 $ |